Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Tapping Neurodiverse Candidates Can Address Cybersecurity Skills Shortage

While neurodiverse candidates don’t fit the traditional mold of applicants, they can often excel at highly focused, analytical work

While neurodiverse candidates don’t fit the traditional mold of applicants, they can often excel at highly focused, analytical work

At a time when there countless unfulfilled cybersecurity positions worldwide, too many companies overlook neurodiverse candidates in their hiring processes. This a huge mistake as people with autism, dyslexia, and other conditions often possess skills that are well suited for cybersecurity work. Those skills include the ability to concentrate, a capacity for recognizing anomalies, and great determination. 

People with ADHD, for example, are able to hyper-focus on certain tasks, while those with autism can process complex detail-oriented tasks, and have above average recall capabilities.

However, neurodiverse people generally do not excel at acquiring certifications — common requirements for most cybersecurity jobs. Presenting a polished persona in an interview is something else they may struggle with.

In addition, interviewing neurodiverse candidates can be challenging since they tend to avoid eye contact, sometimes struggle to communicate and can get overwhelmed in unfamiliar circumstances. They may also struggle to communicate with groups of people in a panel type interview.  All of these typically are seen as they “interviewed badly.”

If the cybersecurity industry wants to fill much-needed jobs, hiring managers and recruiters need to cast their nets beyond the sea of candidates who typify “fitting the mold.” The industry must pay attention to the hands-on abilities and innate skills of all applicants including neurodiverse candidates.

Learn from the Big Companies

Many leading companies — among them EY, Google, and Microsoft — have recruitment and training programs aimed at neurodiverse populations.

One of the first large organizations to take neurodiversity seriously was EY, which established its Neuro-Diverse Center of Excellence in 2016.

In 2020, EY noted that “We evolved our recruiting, onboarding and training processes to meet the needs of neurodiverse individuals. The deliberate changes allowed these talented professionals the opportunity to demonstrate their technology acumen, aptitude and interest.”

EY added at the time that it had a 92 percent retention rate.

Microsoft’s Neurodiversity Hiring Program was created on the belief that neurodiverse individuals strengthen a workforce with innovative thinking and creative solutions. The company believes that diverse teams positively impact Microsoft’s culture, working environment, and how it serves its customers.    

Last year Google launched Google Cloud’s Autism Career Program, seeking ways to break down the barriers that candidates with autism most often face. In addition to bias, the company noted there may be challenges with how interviews are structured or conducted without the right tools. For these reasons, Google said it would offer neurodiverse candidates reasonable accommodations such as extended interview time, providing questions in advance, and conducting interviews in writing in a Google Doc rather than verbally.

Tips for Hiring and Assessing Neurodiverse Candidates

Clearly, neurodiverse candidates don’t fit the traditional mold of applicants with college degrees and technology certifications. To level the recruitment playing field for neurodiverse candidates while striving to find the best person for a job, hiring managers and recruiters need to change their mindsets and practices.

Some tips:

●  Drop all Biases – Don’t dwell on the possible impairments of people who have ADHD, dyslexia, and so on. Focus on what candidates are good at, not what they lack. Look for hands-on skills not certificates, and seek candidates who are passionate about what they do. 

●  Break Down the Recruitment Barriers – Change the interview process. Make it more friendly to neurodiverse candidates, who likely lack sophisticated social skills, and may not have a diploma to their name. For example, group interviews are not a good tool for assessing neurodiverse job applicants.

Consider adopting Google’s approach (outlined in the previous section) which is not designed to give neurodiverse candidates an unfair advantage, but rather remove unfair disadvantages so candidates can have an equitable chance to compete for a job.

●  Make yourself welcoming for all – Typically, neurodiverse people like routine and structure, so make everyone welcome from the start.  Outline what their responsibilities will be and what they will be expected to do. If you are remote, don’t force them to be on video calls, if you are in the office don’t have hot desks, but rather a desk for them and provide quiet areas.  Have training and onboarding that they can follow at their own pace, not classroom based and communicate with them in a way they are comfortable.

● Focus on Hands-on Skills Assessment – Change the emphasis of recruitment from necessary qualifications to vital skills. Too often, recruiters ignore candidates who don’t tick all the boxes, thus failing to consider the potential of those with excellent hands-on abilities and other skills. To address this shortcoming, recruiters should conduct tests that assess job function capabilities. 

There are two instant benefits of doing so. First, companies can quickly wean out the people that aren’t passionate about what they do. Second, companies can find out what the candidates are really good at, hire them, and train them accordingly. This can help to shift the corporate mindset from “yes or no” to “let’s give that person a chance” and “create a job” that fits his or her talents.

Cybersecurity teams must be much more inclusive in their hiring processes, if they want to hire the best people and have loyal staff. Often, the very people they overlook — those with some form of neurodiversity —- can prove to be the most likely to excel at highly focused, analytical work. Clearly, more hiring managers and recruiters need to change their mindsets and practices.

RelatedHarnessing Neurodiversity Within Cybersecurity Teams

Related: Why Diversity of Thought in the Workplace Matters

Written By

Jeff Orloff is Vice President of Products and Technical Services at RangeForce, a cybersecurity training company. He has over ten years of experience in cybersecurity, computer and network security and system administration. Prior to RangeForce, he was Director of Product Management and UX at COFENSE, a company specializing in email security, phishing detection and response. He also served as Technology Coordinator for the Palm Beach County Florida School District.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

CISO Conversations

SecurityWeek speaks with two leading CISOs in the aviation industry – Mitch Cyrus of Honda Aircraft, and Mark Ferguson of Bombardier.